

•Command Procedure Transfer to On-Board Execution only 
•System Monitoring Transfer to AiUonomous On-Board Monitoring 
•Procedure Development Transfer v On-Board Development 
•Procedure Test and Qualificatijpi Transfer to On-Board 

entation Transfer to On-Board 


•Planning Development and Implementation Transfer to On-Boarc 

•Crew Autonomy Enabler 

•Comm to Earth Light Time Delay Risk Mitigation 

•Permanent Loss of Comm Risk Mitigation 

•Assured Crew Return Enabler 

•Safety Integration Transfer to On-Board Operations and Planning 
•Increase Crew Time for Science 
•Single Crew Command Functionality 
•Functions 1 _ 
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HAL 9000 Real Time Architecture 



Executive Component Execution Component Vehicle Component 

(Planning Engines) (Timeliner-TLX™ Engines) (Notional Avionics) 




Planning Executives Key Points 


•Divides operations planning into their respective disciplines 
•Employs an iterative plan approval process that is configurable and autonomous 
•Each Executive contains specific "intelligence" about planning its subsystems 
•Planning Logic Modules can be modified in flight 
•Flight Rule, Regulations and Condition check insertion into real-time planning 
•Safety integrated as a planning discipline (also integrated into execution) 

•The Planning Executive becomes the operator in most cases 
•Crew self planning 

•Crew Procedure Authoring 

•Monitors and Reacts to unplanned events autonomously (re-plan) 

•Priority definitions can vary depending upon the targeted system to operate 
•Adjustable granularity in priorities (Priority Leveling) 

•Relaxed Crew environment (anytime priority) 

•Continuous Resource Verification 

•Embedded real-time operations restrictions (Flight, Safety and Condition Rules) 



Design Reference Missions 



‘Assists in the analysis of the HAL 9000 planning and execution capabilities 

•How do you relocate ground operations to on-board? 

•What additional tools are needed to drive inputs to planning? 

•What level of autonomy is appropriate for the crew? 

•What embedded functionality is missing? 

•What changes to crew skill sets are required? 

•How much mitigation can be achieved for communication light time delays? 
•How much mitigation can be achieved for permanent loss of communications? 
•How do you integrate Safety to be a real-time player? 

•What impacts to the Execution Component will be realized from un-converged 
plan execution? 


•Just a few of the questions we are asking ourselves 


Re-Supply Design Reference Mission 


Key Points from Operations Flow y 

* Guidance Navigation and Control requires trajectory data for course, speed 
and vehicle orientation (external system provision) 

* Propulsion Executive requffes translation intelligence (Thruster firings) 

* Crew modified an existing GNC Activity (auto-procedure) and added it to the 
plan 

New GNC Activity generated a new Propulsion Plan 

New Propulsion Plan generated a new Power Plan 

New GNC Activity generated a new Communications Plan (Vehicle 

re-orientation) 

New Communications Plan generated a new Power Plan 
Activity resources identified in real-time from Knowledge Pack data 
within the core link list structures 

* Communication Executive requires intelligence for vehicle/transponder 
selection during vehicle maneuvers 



Jupiter Assured Crew Return 
Design Reference Mission 


•Key Points from Operations Flow 

•Candidate new plan contains the added GNC Activity 
•Candidate new plan contains the Maneuvering Arm Activity 

•Safety, HAL Main and Propulsion Executives reject the new plan encountering 
resource constraints specified in the Flight Rules and Safety Rules 

Mission restrictions implemented in real-time for planning and execution 
Programmatic Safety and Flight Rule implementation (3 separate 
annunciations) 

•Flight Rules and Safety Rules can be modified during flight or 

•Crew can override and implement the Candidate New Plan (emergency) 
Non-Converged Plan will generate ECW Messages and potential stop of 
execution (requires further investigation for auto-procedure inhibits that are 
available in the system) 

•Maneuvering Arm Activity added successfully 




DRM Summary 



convergence 

activities that have unknown resource allocation? 
developer and an activity that has not been executed bel 
duration time of the activity for resource utilization estimates" 
executed at least once (Activity History) 

•Requires detailed resource utilization intelligence for vehicle mal 
activities 

•Different Maneuver's will require different resource allocations 
•Could have pre-plann^l maneuver's, giving more accurate resource usl 
•Operations restrictions cambe pre-planned and embedded (Rules & Conditii 
•Adding 1 activity may cause several plan updates in a cascading fashion. 
•Candidate plans are held back until the initial activity is approved. 

•Could promote all plans at one time, but it is not the way it works. 
•Forces Validation of each edit against the current complete plan 
•Re-Check of Flight, Safety and Condition rules and resources for each 
edit 


Future Work 




•No plans to enhance or expand development of the HAL 9000 Executives 

• • 

•Continue utilization of the Timeliner-TLX™ System for ISS and other projects 
automated command and control requirements 

•Lack of a target vehicle and mission for application of the complete HAL 9000 
System 

•Continue to proof design as opportunities arise or HAL System capabilities 
are needed for other projects 

* 

B' 

•Currently developing methods for crew procedure authoring and 
verification/vaiidation of these procedures during flight. 



Conclusion 




•Concepts for the HAL 9000 System design have never been directly funded 
•Proof of concept leveraged on other projects and private development 
•Autonomous operations is viable and ready 

•Current Operations paradigms are not ready 
•Can be applied in other command and control operations with a scaled down system 
•Execution Component Only (HAL 3) 

•Executive Component Only (HAL 1000) 

•De-scaled combination Executive and Execution components (HAL 2000 and above, 
such as for Habitats) 

•Vehicle design and development must be cfcjfen by HAL 9000 requirements 
•HAL 9000 Development Metnocidl^W^Bauired B&^ u - 
•All Systems, sub-systems and devices must be automated 
•Cannot fully automate a system that is not designed for such 
•Safety is employed during design, build-up and operations 

•They must make their decisions up front and available during real-time 
•External systems and simulations are required to assist the crew in HAL9000 operations 
•Critical areas are in Guidance, Navigation, Prognosis and Diagnosis m 
•Crew Autonomy, Relaxed Crew Ops,On-board Procedure development/implementation 
•Is anybody ready? 





